In order to secure Web services clients, refer to Creating Mobile Web Services clients. Ensure that you check Configure Security. Perform the following procedure to configure Web services security for a secure Web services client:

Select the Web services name and port from the drop down menu.

Under 'How to create Web Services Security configuration', select the appropriate choice. For a test case, select Template configuration, then select the Client type and the Security template from the drop down menus.

Use other Lotus® Expeditor 6.x configuration

If you browse a folder including the existing WS-Security configuration for the Lotus Expeditor under the other existing project, you can import the configurations into the working project.

Import WebSphere® Application Server 6.x configuration

If you browse a folder including the existing WS-Security configurations for the WAS 6.0 client, you can import the configurations into the working project.

Convert WCTME 5.x class-based configuration

If you browse a WS-Security configuration java file for WCTME 5.8 or 5.7, you can convert the configuration for use with Lotus Expeditor 6.x.

Use template configuration

If you select one server type and one security template, you can use the predefined configurations in the working project.

The following is a list of server types:

Lotus Expeditor 6.x

WebSphere Application Server 6.x

WebSphere Application Server 5.x

The following is a list of security templates:

Signing and encryption

Signing only

Encryption only

Basic authentication only

Signing and basic authentication

Encryption and basic authentication

Signing, encryption, and basic authentication

Select Finish.

After completing the above procedure, the WS-Security Client Editor appears. Some files may be created or modified, as follows:

If the Web services client is static and you specified a package in the Mobile Web Services Client wizard

The port files '*.java' and '*_Stub.java' are generated in the specified package. The name of the port file is taken from the portType in the WSDL file

WS-Security related code is inserted in '*_Stub.java'

The files ibm-webservicesclient-ext.xmi, ibm-webservicesclient-bnd.xmi, clientSample.jks, and wssecurityclient.xml are generated in the export directory in the specified package

If the Web services client is static and you did not specify a package in the Mobile Web Services Client wizard

The port files '*.java' and '*_Stub.java' are generated in the package specified from the contents of the WSDL file

WS-Security-related code is inserted in the file '*_Stub.java'

The files ibm-webservicesclient-ext.xmi, ibm-webservicesclient-bnd.xmi, clientSample.jks, and wssecurityclient.xml are generated in the export directory in the package specified from the WSDL file

If the Web services client is dynamic

A port file is generated in the package specified in the WSDL file

WS-Security-related code is inserted in the file BundleActivator.java under the working project

The files ibm-webservicesclient-ext.xmi, ibm-webservicesclient-bnd.xmi, clientSample.jks, and wssecurityclient.xml are generated in the export directory in the package specified from the WSDL file

Note: The clientSample.jks is designed for testing purposes only. You should use your own key store file instead of clientSample.jks for commercial use to avoid security exposure. Anyone who reads this document can access the clientSampke.jks.

Note: The DeviceEE profile cannot read the file clientSample.jks created using other profiles such as Java SE due to the limitation of the DeviceEE profile's ability to read a keystore and vice versa.

Note: When you select 'Basic authentication' as a template, the Mobile Web Services security configuration declares username: @USERNAME@, password: @USERNAME@ by default. To run the client properly, you must edit the Mobile Web Services security configuration in order to modify these default values. Please refer to Editing the Mobile Web Services security configuration.